package com.tomatozq163.security.controller;

import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.PropertySource;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class UserController {
    @Value("${userinfo.username}")
    private String userName;

    @GetMapping("/hello")
    @ResponseBody
    public String hello(){
        return "hello world!" + userName;
    }

    @GetMapping("/login")
    public String login(){
        return "login";
    }

    @PostMapping("login")
    @ResponseBody
    @ApiOperation(value="登录")
    @ApiImplicitParams({
            @ApiImplicitParam(paramType = "form", name = "username", value = "用户名", required = true, dataType = "String"),
            @ApiImplicitParam(paramType = "form", name = "password", value = "密码", required = true, dataType = "String")
    })
    public String login(String username,String password){
        return "success";
    }

    /**
     * @EnableGlobalMethodSecurity(prePostEnabled=true) 必须开启，否则注解无效
     * @return
     */
    @PreAuthorize("hasRole('ADMIN')")
    @GetMapping("/add")
    @ResponseBody
    public String add(){
        return "add";
    }


    @GetMapping("/admin/add")
    @ResponseBody
    public String adminAdd(){
        return "admin add";
    }
}
